The same technology used to identify and track terrorists in battle zones is being used on U.S. citizens. The Department of Justice in running a program through the US Marshall Service that puts a detector in a small plane and flies over an area.

This is essentially a man-in-the-middle attack. The detector fakes a signal that tells all the cell phones in range that it is the strongest cell tower signal. Since phones reroute to the strongest signal, all the phones in range connect with the sensor in the plane and then transmit their identifier information. The detector scoops up all that info. As the plane moves from one location to another, it can triangulate to the precise location of a target phone, down to which room in a building the phone is to be found.

Phone doesn’t need to be in use to be tracked, just turned on.

Civil liberty implications are that the detector is scooping up tens of thousands of phone numbers and locations during each flight. Unexplained is what the feds do with that information or how long they keep it. An ACLU technologist calls that

A dragnet surveillance program.

Program has been underway since 2007 according to the article, which also says the program goes around the phone companies. They don’t know when the program is in operation and have no involvement, so they don’t need to fib to us about whether they are assisting with putting you and me under surveillance.

10/24 – Schneier on Security – Analysis of Printer Watermarking Techniques – If you own a color laser printer, there’s a good chance your printer adds a tiny watermark to each page printed that identifies the specific printer in use. There are little yellow dots that mark the page with identifier info. That links you to each page you print.